Select the appropriate numbers separated by commas and/or spaces, or leave input
blank to select all options shown (Enter 'c' to cancel): 2 3
Requesting a certificate for app.montor.site and www.app.montor.site
Hint: The Certificate Authority failed to verify the temporary Apache configuration changes made by Certbot. Ensure that the listed domains point to this Apache server and that it is accessible from the internet.
Some challenges have failed.
Ask for help or search for solutions at https://community.letsencrypt.org. See the logfile /var/log/letsencrypt/letsencrypt.log or re-run Certbot with -v for more details.
My web server is (include version): Apache 2.4.41
The operating system my web server runs on is (include version): Ubuntu 20.04
I can login to a root shell on my machine (yes or no, or I don't know): yes
The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot): certbot 1.17.0
Also I found out that when i create verification file manually - site does not see it. Thanks in advance
Let's try reversing the logic:
[change the root and then redirect everything else]
DocumentRoot /var/www/app.montor.site/.well-known/acme-challenge
<Location "/.well-known/acme-challenge/">
#do nothing special for challenges / ignore bad requests
RedirectMatch 404 "^(?!/\.well-known/acme-challenge/[\w-]{43}$)"
</Location>
<Location "/">
#redirect all other requests to HTTPS
Redirect permanent "/" https://%{HOST}/$1
</Location>
[order may matter so put these location sections near the bottom - if you want to handle the others in HTTP]
Apache config test is ok, but i get error validating data issue
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Which names would you like to activate HTTPS for?
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
1: montor.site
2: app.montor.site
3: www.app.montor.site
4: www.montor.site
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Select the appropriate numbers separated by commas and/or spaces, or leave input
blank to select all options shown (Enter 'c' to cancel): 2 3
Requesting a certificate for app.montor.site and www.app.montor.site
Certbot failed to authenticate some domains (authenticator: apache). The Certificate Authority reported these problems:
Domain: app.montor.site
Type: connection
Detail: Fetching http://app.montor.site/.well-known/acme-challenge/-e6VCm0PUvCNhtqCI9gKnCXNwUnooTkAWXlrntzvSSs: Error getting validation data
Domain: www.app.montor.site
Type: connection
Detail: Fetching http://www.app.montor.site/.well-known/acme-challenge/EjKIca1G5hh5uYfJh3G4b79ElwPps1mf5oAN9ukay_Q: Error getting validation data
Hint: The Certificate Authority failed to verify the temporary Apache configuration changes made by Certbot. Ensure that the listed domains point to this Apache server and that it is accessible from the internet.
Some challenges have failed.
Ask for help or search for solutions at https://community.letsencrypt.org. See the logfile /var/log/letsencrypt/letsencrypt.log or re-run Certbot with -v for more details.
Hello again, i tried to run with --dry-run and --debug-challenges flags, and its worked.
But when i try to debug challenges without --dry run flag. Certbot does not create verification files. Maybe the problem is in rights?
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator webroot, Installer None
Simulating a certificate request for app.montor.site and www.app.montor.site
Performing the following challenges:
http-01 challenge for app.montor.site
http-01 challenge for www.app.montor.site
Using the webroot path /var/www/app.montor.site for all unmatched domains.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Challenges loaded. Press continue to submit to CA. Pass "-v" for more info about
challenges.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Press Enter to Continue
Waiting for verification...
Cleaning up challenges
The dry run was successful.
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator webroot, Installer None
Certificate not yet due for renewal
You have an existing certificate that has exactly the same domains or certificate name you requested and isn't close to expiry.
(ref: /etc/letsencrypt/renewal/app.montor.site.conf)
What would you like to do?
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
1: Keep the existing certificate for now
2: Renew & replace the certificate (may be subject to CA rate limits)
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Select the appropriate number [1-2] then [enter] (press 'c' to cancel): 2
Renewing an existing certificate for app.montor.site and www.app.montor.site
Successfully received certificate.